Archive for November, 2008

Site preview is a tool provided by SW-Soft in Plesk to view the websites before domain propagation. Using this function a User can test the scripts he/she has uploaded.

Sometime it happens that while trying to access Site Preview it give 404 Page Not Found Error. This mainly happens when the sitepreview.dll is not properly loaded in IIS.

SOLUTION:

This problem can be fixed by adding stiepreview.dll as ISAPI Filters in IIS. To add ISAPI Filters login to the server and go to IIS > Web Sites > Properties. Then chose ISAPI Filters tab and add filter called “sitepreview” located at C:\SWSoft\Plesk\isapi\sitepreview.dll.

NOTE: “C:\SWSoft\Plesk\” Directory can be changed as per your Server Settings

I have checked and found that gcc and cpp modules are already installed on the server. This can be checked using command “rpm -qa | grep gcc” “rpm -qa | grep cpp“. I have searched on many websites and found that glibc-headers were not installed on the server. I have installed glibc-headers using command “yum install glibc-headers“. If you face this problem please make sure that following components are installed on the server:

It is ALWAYS recommended to create additional two (2) users, apart from Administrator. These two users are – another member of “Administrators” group (to avoid actually logging on with the Administrator account, but you have the same privileges) & a regular user, who is part of “Users” group. It is recommended to only log on with regular user, and use the “runas” command when you need to run any particular program as an Administrator; log on with the secondary Administrator user when it is absolutely needed. This will show you how to create a secondary Administrator.

==========

Click the Start button, then Run…

Then type lusrmgr.msc

In window that opens, right click in the right panel and click “New User”

In the New User dialog, type in desired user name and password (secondary Administrator account). Uncheck User must change password, & check Password never expires. Now, go to the Properties of new User; Go to the “Member of” tab and press the Add button.

Then Type Administrators, and press the Check Names button (to complete the name) and press OK when it is done, then press OK on the Local Users and Groups dialog

Now you have a secondary Administrator account; The above steps will be same to add a regular user (highly recommended) until the User properties.

The Advanced TCP/IP dialog will allow you to configure settings relative to DNS, WINS and specify multiple IP Addresses and Gateway’s. To come up with the Advanced TCP/IP Settings dialog, simply right click the desired connection from the Network Connections folder, and choose properties, to view the Properties dialog box of the selected connection. Now, select Internet Protocol (TCP/IP) from the list and click the Properties button. This will openup the Internet Protocol (TCP/IP) Properties dialog.

Next step is to click the Advanced button and popsup the Advanced TCP/IP Settings dialog with four tabs to choose the option , from the given below:

IP Settings allows you to add more IP Addresses or to change the routing properties of the network card.

DNS allows you to set how the TCP/IP connection uses the DNS.

WINS allows you to set how the TCP/IP connection uses WINS for computers that can not access Active Directory.

Options allows you to set TCP/IP Filtering and specify which ports will be used for TCP/IP communication.

The IP Settings Tab : –

The IP addresses box at the top allows you to assign additional IP Addresses to a single network card. This is useful if you are hosting multiple websites on the same web server and want to give each its own IP Address for example.

Simply click the Add button to add an IP Address and Subnet Mask >> Click “Edit” to modify the currently selected item and “Remove” to delete the currently selected item from the list.

The Default gateways box in the middle, Comes into action if you want the network connection to use multiple default gateways. Click the Add button to add a Default gateway, and assign it a Metric value. A “metric value” is the cost of a specific route. Cost can reflect speed, reliability and number of hops. The route with the lowest metric value is used. So if you have two Default Gateways set up, one with a metric of 10 and the other with a metric of 20, then the one with 10 will get the first priority. Leaving the metric at automatic means that the route metric for this default gateway will be calculated automatically, and the fastest route will be chosen.

The Edit and Remove buttons in the Default gateways box, does exactly the same as the IP addresses box.

At the bottom of the IP Settings tab you can set whether you want the Interface to have a specific metric or to be assigned one automatically. By default this option is checked. Uncheck it if you wish to input an Interface metric value of your choice.

The DNS Tab : –

The “DNS server addresses, in order of use box” at the top of the DNS tab is used to list the IP Addresses of the DNS Servers that will be used for name resolution. These servers are ordered and used in priority, so if one server does not work then it will move to the next one down the list. To set the order of IP Addresses, select an IP Address and press the up and down button on the right hand side.

It is important to keep in mind that TCP/IP will not move on to the next server if it fails to resolve the request. It will only move to the next server if the first server it tries is unavailable (perhaps down for maintenance or in the middle of a reboot).

Append primary and connection specific DNS suffixes, and Append parent suffixes of the primary DNS suffix are enabled by default. These options are used for resolution of unqualified names.

The first option is used to resolve unqualified names using the parent domain. For example, if you had a computer name of test and a parent domain called trulymanaged.com it would resolve to test.trulymanaged.com. The query would fail if test.trulymanaged.com does not exist in the parent domain. The second option is used to resolve unqualified names using the parent-child domain hierarchy. A DNS query will move one step up the domain hierarchy if it fails at the current level. It will do this until it reaches the root of the hierarchy.

The textbox on the right of the DNS suffix for this connection is used to explicitly set a DNS suffix that will override any other setting already specified for this connection.

Register this connections addresses in DNS will register all this connections IP Addresses in DNS under the computers FQDN. Using this connections DNS suffix in DNS registration will register all IP Addresses for this connection in DNS under the parent domain.

The WINS Tab : -

The WINS tab is used to specify WINS related settings such as the list of WINS servers to be used for NETBIOS name to IP resolution, the LMHOSTS file to be used as an alternate means of lookups and the NETBIOS settings for the network connection.

Use the “WINS addresses, in order of use box” at the top to add the WINS servers you want the system to use for IP to name resolution. Press the Add button for a small dialog box to appear waiting for you to enter the IP Address of the WINS server. Use the Edit and Remove buttons to modify or delete a selected item respectively. If you have more than one WINS server in the list, press the up and down arrow buttons to adjust the priority of which servers will be queried first. If one server is not available then the next one down will be used, and so on and so forth.

Check the Enable LMHOSTS lookup checkbox so that if WINS cannot resolve a name then the local LMHOSTS file will be used. The LMHOSTS file can be found in \WINDOWS\system32\drivers\etc. It goes by the name of lmhosts.sam and can be modified in a text editor. Entries are placed at the bottom of the file and when used, the listed IP Addresses are matched against a specified host name. If you already have an LMHOSTS file defined on another machine on the network, use the Import LMHOSTS button to select this file and import it to the local machine.

The NETBIOS settings at the bottom allow you to explicitly define how NETBIOS will be used on the system. Choose Default if you want the DHCP server to assign the NETBIOS setting, Enable NETBIOS over TCP/IP if you use a static IP Address or the DHCP Server does not give NETBIOS settings, and Disable NETBIOS over TCP/IP if you do not use NETBIOS or WINS on your network.

The Options Tab (TCP/IP Filtering) :-

The Options tab allows you to configure TCP/IP Filtering settings; you can define which ports or protocols are permitted. Select the Permit Only radio button and use the Add button to add TCP/UDP port numbers or a protocol version to the respective list. If you permit traffic only from a defined set of ports, all other traffic will be dropped.

DNS is the Domain Name System. DNS converts machine names to the IP addresses that all machines on the net have. It translates (or “maps” as the jargon would have it) from name to address and from address to name, and some other things.

A mapping is simply an association between two things, in this case a machine name, like ftp.linux.org, and the machine’s IP number (or address) 199.249.150.4. DNS also contains mappings the other way, from the IP number to the machine name; this is called a “reverse mapping”. Fortunately DNS isn’t really that hard, this blog will try to make a few things clearer. It describes how to set up a simple DNS name server, starting with a caching only server and going on to setting up a primary DNS server for a domain.

Before you start on this you should configure your machine so that you can telnet in and out of it, and successfully make all kinds of connections to the net, and you should especially be able to do telnet 127.0.0.1 and get your own machine (test it now!). You also need good /etc/nsswitch.conf, /etc/resolv.conf and /etc/hosts files as a starting point, let me give a small idea about these files

1) The /etc/nsswitch.conf file is used to configure which services are to be used to determine information such as hostnames, password files, and group files.

2) resolv.conf : Name resolution means translating a string such as ‘gateway.enterprise.net’ into an IP address such as 194.72.194.1. When your machine is connected to the Internet, you need to be able to do this for addresses all over the world.

You do this through the Internet’s Domain Name Service, which is a decentralized system for address translation. You will not usually run a nameserver yourself, unless you are managing extensive sub-networks. The nameserver is run by your ISP.

You have to tell your software where to find the name servers. This is done in /etc/resolv.conf, which looks like this:

The domain is your own domain name, corresponding to the suffixes in /etc/hosts. The nameservers are the primary and secondary nameservers of my ISP, Enterprise plc. The IP addresses are specified, rather than the names, because you would need a nameserver to translate the names to IP addresses. If you try to use an address which is not in your local domain, the name resolver will ask the primary nameserver for its IP address. If that fails, it will try the secondary nameserver before giving up.

3) /etc/hosts: As your machine gets started, it will need to know the mapping of some hostnames to IP addresses before DNS can be referenced. This mapping is kept in the /etc/hosts file.

When I say `your machine’ I mean the machine you are trying to set up DNS on, not any other machine you might have that’s involved in your networking effort. Name serving on Unix is done by a program called named. This is a part of the “BIND” package which is coordinated by The Internet Software Consortium. Named is included in most Linux distributions and is usually installed as /usr/sbin/named, usually from a package called BIND.

If you have a named you can probably use it otherwise please install bind 8 or 9 module. You can check installed bind version, if the named man page talks about (at the very end, in the FILES section) named.conf you have BIND 8; if it talks about named.boot you have BIND 4. If you have 4 and are security conscious you really ought to upgrade to the latest version of BIND 8 Nnw. DNS is a net?wide database. Take care about what you put into it. If you put junk into it, you, and others, will get junk out of it. Keep your DNS tidy and consistent and you will get good service from it. Learn to use it, admin it, debug it and you will be another good admin keeping the net from falling to its knees by mismanagement.

Certificate Signing Request (CSR) contains all the information regarding certificate application. It also includes the Public key.

Following steps will show how to generate a pair of private key and public Certificate Signing Request (CSR) for a webserver, “server” using Apache mod_ssl/OpenSSL.

root@vps [~]# openssl req -new -nodes -keyout vps.key -out vps.csr

This creates a two files. The file vps.key contains a private key;

Following is the output from the above command, you will have to fill some of the fields here:

root@vps [~]# openssl req -new -nodes -keyout vps.key -out vps.csr

Generating a 1024 bit RSA private key
……………++++++
……++++++
writing new private key to ‘vps.key’
—–
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [GB]:GB
State or Province Name (full name) [Berkshire]:Berkshire
Locality Name (eg, city) [Newbury]:Newbury
Organization Name (eg, company) [My Company Ltd]:Trulymanaged
Organizational Unit Name (eg, section) []:Webhosting
Common Name (eg, your name or your server’s hostname) []:vps.server.com
Email Address []:vps@server.com

Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []:sdfhsdfj
An optional company name []:

Your CSR will now have been created. Open the vps.csr in a text editor and copy and paste the contents into the online enrollment form when requested.

One of the greatest features that Apache offers is that it runs on virtually all widely used computer platforms. At the beginning, Apache used to be primarily a Unixbased Web server, but that is no longer true Apache not only runs on most (if not all) flavors of Unix, but it also runs on Windows 2000/NT/9x and many other desktop and server-class operating systems such as Amiga OS 3.x and OS/2.

* Support for the latest HTTP 1.1 protocol: Apache is one of the first Web servers to integrate the HTTP 1.1 protocol. It is fully compliant with the new HTTP 1.1 standard and at the same time it is backward compatible with HTTP 1.0. Apache is ready for all the great things that the new protocol has to offer.

For example, before HTTP 1.1, a Web browser had to wait for a response from the Web server before it could issue another request. With the emergence of HTTP 1.1, this is no longer the case. A Web browser can send requests in parallel, which saves bandwidth by not transmitting HTTP headers in each
request. This is likely to provide a performance boost at the end-user side because files requested in parallel will appear faster on the browser.

* Simple, yet powerful file-based configuration: The Apache server does not come with a graphical user interface for administrators. It comes with single primary configuration file called httpd.conf that you can use to configure Apache to your liking. All you need is your favorite text editor. However, it is flexible enough to allow you spread out your virtual host configuration in multiple files so that a single httpd.conf does not become too cumbersome to manage with many virtual server configurations.

* Support for CGI (Common Gateway Interface): Apache supports CGI using the mod_cgi and mod_cgid modules. It is CGI 1.1 compliant and offers extended features such as custom environment variables and debugging support that are hard to find in other Web servers.

* Support for FastCGI: Not everyone writes their CGI in Perl, so how can they make their CGI applications faster? Apache has a solution for that as well. Use the mod_fcgi module to implement a FastCGI environment within Apache and make your FastCGI applications blazing fast.

* Support for virtual hosts: Apache is also one of the first Web servers to support both IP-based and named virtual hosts.

* Support for HTTP authentication: Web-based basic authentication is supported in Apache. It is also ready for message-digest-based authentication, which is something the popular Web browsers have yet to implement. Apache can implement basic authentication using either standard password files, DBMs, SQL calls, or calls to external authentication programs.

* Integrated Perl: Perl has become the de facto standard for CGI script programming.\ Apache is surely on of the factors that made Perl such a popular CGI programming language. Apache is now more Perl-friendly then ever before. Using its mod_perl module, you can load a Perl-based CGI script in memory and reuse it as many times as you want. This process removes the start-up penalties that are often associated with an interpreted language like Perl.

* Support for PHP scripting: This scripting language has become very widely used and Apache provides great support for PHP using the mod_php module.

* Java Servlet support: Java servlets and Java Server Pages (JSP) are becoming very commonplace in dynamic Web sites. You can run Java servlets using the award-wining Tomcat environment with Apache.

* Integrated Proxy server: You can turn Apache into a caching (forward) proxy server. However, the current implementation of the optional proxy module does not support reverse proxy or the latest HTTP 1.1 protocol. There are plans for updating this module soon.

* Server status and customizable logs: Apache gives you a great deal of flexibility
in logging and monitoring the status of the server itself. Server status can
be monitored via a Web browser. You can also customize your log files to your
liking.

* Support for Server-Side Includes (SSI): Apache offers set of server side includes that add a great deal of flexibility for the Web site developer.

* Support for Secured Socket Layer (SSL): You can easily create an SSL Web site using OpenSSL and the mod_ssl module for Apache.

ErrorApache Web Server was not passing servlet requests to Apache Tomcat. It served 404 errors to jsp pages, even though the Apache Tomcat was auto-configured by the WHM / Cpanel installation.

SEVERE: Error starting static Resources java.lang.IllegalArgumentException: Document base Ã§Ã§Ã§ does not exist or is not a readable directory at org.apache.naming.resources.FileDirContext.setDocBase(FileDirContext.java:141)

CauseThis was occurring because Tomcat could not read from the “public_html” directory for the site. This was a result of file protect being enabled in easyapache. This option causes all public_html directories to be owned by the user and the group nobody, leaving all other users unable to index those directories. Unfortunately this leaves tomcat, which runs as the user tomcat, unable to access those files as well.